The opportunities for employees to telework have continued to increase over the years as employers have seen financial and productivity benefits. Advancements in technology and access to faster broadband speeds across the country have assisted in the increased numbers of teleworkers. As a result, the number of people who are handling confidential data outside of their office environment has increased.
Gill Taylor who is a HR Consultant stated, “Research shows home workers are generally more productive. A survey in 2011 by the Confederation of British Industry found that the percentage of employers offering home working was 59 per cent, up from 13 per cent in 2006.”
Therefore, it is imperative that the employer has the correct regulations and measures in place before they let employee’s telework to help reduce the chances of confidential data being compromised, lost or deleted.
Teleworking is when an employer has an agreement with an employee where they do not commute to a central place of work and use their own computers and telephones etc. to contact colleagues, customers or a central office.
No matter where you are working from, significant care and caution needs to be applied when dealing with confidential data. An incident occurred back in November 2011 where an employee of Aberdeen City Council compromised confidential data when teleworking. Confidential data relating to the care of vulnerable children was accidently posted online after the employee accessed the documents on their home computer. A file transfer program which was already installed on the computer then proceeded to automatically upload the documents to a website. This confidential data remained on the website for a further two months until another employee found the data in public domain by entering their own name and job title into a search engine.
This incident resulted in an investigation being conducted by the Information Commissioner’s Office (ICO) who issued a fine for £100,000 which can be reduced to £80,000 if the payment deadline was met.
Ken Macdonald who is an assistant commissioner for Scotland at the ICO stated, “As more people take the opportunity to work from home, organisations must have adequate measures in place to make sure the personal information being accessed by home workers continues to be kept secure.”
Macdonald added, “In this case Aberdeen City Council failed to monitor how personal information was being used and had no guidance to help home workers look after the information. On a wider level, the council also had no checks in place to see whether the council’s existing data protection guidance was being followed. The result was a serious data breach that left the sensitive information of a vulnerable young child freely available online for three months.”
Macdonald then concluded by stating, “We would urge all social work departments to sit up and take notice of this case by taking the time to check their home working setup is up to scratch.”
Before an employer allows an employee to telework, they need to make sure that they have the appropriate regulations and measures in place to help minimise the chance of confidential data being compromised or lost. As part of this, the employer should ensure that they have a robust backup solution in place so if any files were to be lost, deleted or modified; the data can be recovered successfully.